收到SSLHandshakeException:尝试连接第三方URL时收到来自Payara服务器的致命警报: handshake_failure
收到SSLHandshakeException:尝试连接第三方URL时收到来自Payara服务器的致命警报: handshake_failure
提问于 2021-08-06 06:32:44
服务器: Payara 5.192 JDK: 8更新121
您好,我正在尝试从我的web应用程序连接第三方URL,但收到了SSL异常。
根据一些论坛,我试图在服务器上申请通配符证书,但问题仍然存在。
我还检查了ssl日志,并观察到在tls1.2 hello上发起通信的两个第三方URL。你能建议我还有什么可以检查的吗?此外,如果有任何方法,我可以停止"hostnameVerification“为payara,直到这个问题得到解决。
正在下面添加服务器日志和异常堆栈。
%% Resuming [Session-9, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
*** ServerHello, TLSv1.2
RandomCookie:
GMT: 1628019948
bytes = {
146
,
79
,
72
,
18
,
248
,
233
,
164
,
27
,
130
,
143
,
184
,
162
,
63
,
152
,
73
,
109
,
178
,
84
,
175
,
6
,
68
,
141
,
215
,
48
,
206
,
188
,
54
,
217
}
Session ID:
{97, 10, 157, 83, 170, 216, 184, 234, 127, 114, 248, 61, 170, 18, 3, 102, 231, 51, 109, 103, 19, 75, 95, 99, 208, 97, 32, 108, 147, 161, 129, 12}
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Compression Method: 0
Extension renegotiation_info, renegotiated_connection: <empty>
***
Cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
CONNECTION KEYGEN:
Client Nonce:
0000:
61
0A
9D
EC
D7
05
0A
5C
E4
B7
80
8F
02
3F
89
55
a.
.
.
.
.
.
\.
.
.
.
.
?.
U
0010:
C4
95
6E
8E
DF
73
42
6E
E1
72
07
28
DE
F9
56
C9
.
.
n.
.
sBn.
r.
(.
.
V.
Server Nonce:
0000:
61
0A
9D
EC
92
4F
48
12
F8
E9
A4
1B
82
8F
B8
A2
a.
.
.
.
OH.
.
.
.
.
.
.
.
.
0010:
3F
98
49
6D
B2
54
AF
06
44
8D
D7
30
CE
BC
36
D9
?.
Im.
T.
.
D.
.
0.
.
6.
Master Secret:
0000:
BC
64
7A
76
57
F4
D9
C9
B5
8E
54
01
33
65
55
94
.
dzvW.
.
.
.
.
T.
3eU.
0010:
E9
AE
FF
0B
7E
81
CE
AE
CD
40
2B
51
BE
11
84
57
.
.
.
.
.
.
.
.
.
@+Q.
.
.
W
0020:
A6
0B
6D
96
FD
F8
91
A4
55
2E
23
34
42
10
7A
74
.
.
m.
.
.
.
.
U.#4B.
zt
Client MAC write Secret:
Ty.
Mm.
.
.
.
F.
0020:
1D
3F
BA
ED
94
C7
AC
38
ED
20
E1
DD
14
8D
C9
F4
.
?.
.
.
.
.
8.
.
.
.
.
.
.
Server MAC write Secret:]]
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA256withDSA, SHA224withECDSA, SHA224withRSA, SHA224withDSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA
, RECV TLSv1.2 ALERT:
fatal,
handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:201)
at sun.security.ssl.Alerts.getSSLException(Alerts.java:163)
at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at project.path.validateInstanceUrl(InstanceMasterBean.java:359)
回答 1
Stack Overflow用户
发布于 2021-08-17 13:28:27
我找到了上述问题的解决方案。在这里发帖,这样任何有类似问题的人都可以找到它作为参考。
根据@jcamsler的评论,我将JDK8更新为301,但是Payara服务器没有启动,并给出了下面的错误。
Error Logs after JDK8update301 applied
因此,尝试应用Glassfish error,但不起作用。
然后,我将JDK降级为JDK8u261,并再次使用[Glassfish error]grizzly文件,其中没有sun文件夹。这解决了我的问题。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/68677138
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号